1. Use 'openssl rsa -in key.pem -text' to get a printout of the private key.2. remove a passphrase using openssl rsa -in key.pem -out key_unprot.pem

then rename key_unprot.pem to key.pem in the same directory as your copied it to from earlier.

(credit to Lutz's howto for this on becoming your own CA).http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/doc/myownca.html

I've read in threads somewhere on a issue concerning the following errors:The above 1. and 2. will fix these errors, by removing the passphrasees from the key.pem thus getting rid of the errors below concerning the problems getting password, bad password etc.. hope this works for you it did for me.

(credits due to a few anonymous readme's on the net which were a bit unexplained in detail and extremely hard to understand due to bad use of english ;).. i cant seem to find them again but if you google you should be able to find them and compare relation to the top of my article and see the differences in detail) this is just to make it alot more readable and helpfull if you wrote the others and see this please email me for an update of this article and for your credit where its deserved.

p.s - any thing you think i may have missed please email me, some things i think are trivial, i may miss putting in articles. If you discover something of that nature that should be here, please let me know for an update. This article already depends on you have a basic knoweldge of postfix and tls/ssl in general with OpenSSL.